High-performance pattern-matching for intrusion detection

被引:0
|
作者
van Lunteren, Jan [1 ]
机构
[1] IBM Res Corp, Zurich Res Lab, CH-8803 Ruschlikon, Switzerland
来源
25TH IEEE INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATIONS, VOLS 1-7, PROCEEDINGS IEEE INFOCOM 2006 | 2006年
关键词
D O I
暂无
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
New generations of network intrusion detection systems create the need for advanced pattern-matching engines. This paper presents a novel scheme for pattern-matching, called BFPM, that exploits a hardware-based programmable state-machine technology to achieve deterministic processing rates that are independent of input and pattern characteristics on the order of 10 Gb/s for FPGA and at least 20 Gb/s for ASIC implementations. BFPM supports dynamic updates and is one of the most storage-efficient schemes in the industry, supporting two thousand patterns extracted from Snort with a total of 32 K characters in only 128 KB of memory.
引用
收藏
页码:1409 / 1421
页数:13
相关论文
共 50 条
  • [1] The Improved AC High-Performance Pattern-Matching Algorithm for Intrusion Detection
    Xu, Dongliang
    Zhang, Hongli
    Hou, Miao
    [J]. WEB TECHNOLOGIES AND APPLICATIONS, APWEB 2014, PT II, 2014, 8710 : 200 - 213
  • [2] Distributed Hierarchical Pattern-Matching for Network Intrusion Detection
    Baig, Zubair
    Salah, Khaled
    [J]. JOURNAL OF INTERNET TECHNOLOGY, 2016, 17 (02): : 167 - 178
  • [3] The Research and Amelioration of Pattern-matching Algorithm in Intrusion Detection System
    Wu, Pei-fei
    Shen, Hai-juan
    [J]. 2012 IEEE 14TH INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING AND COMMUNICATIONS & 2012 IEEE 9TH INTERNATIONAL CONFERENCE ON EMBEDDED SOFTWARE AND SYSTEMS (HPCC-ICESS), 2012, : 1712 - 1715
  • [4] A fast pattern-matching algorithm for network intrusion detection system
    Sung, Jung-Sik
    Kang, Seok-Min
    Kwon, Taeck-Geun
    [J]. NETWORKING 2006: NETWORKING TECHNOLOGIES, SERVICES, AND PROTOCOLS; PERFORMANCE OF COMPUTER AND COMMUNICATION NETWORKS; MOBILE AND WIRELESS COMMUNICATIONS SYSTEMS, 2006, 3976 : 1157 - 1162
  • [5] A pattern-matching co-processor for network intrusion detection systems
    Clark, CR
    Schimmel, DE
    [J]. 2003 IEEE INTERNATIONAL CONFERENCE ON FIELD-PROGRAMMABLE TECHNOLOGY (FPT), PROCEEDINGS, 2003, : 68 - 74
  • [6] A high performance and scalable packet pattern-matching architecture
    Ye, Mingjiang
    Xu, Ke
    Wu, Jianping
    Cui, Yong
    [J]. 2008 THE INTERNATIONAL CONFERENCE ON INFORMATION NETWORKING, 2008, : 425 - 429
  • [7] A Pattern-Matching Scheme With High Throughput Performance and Low Memory Requirement
    Lee, Tsern-Huei
    Huang, Nai-Lun
    [J]. IEEE-ACM TRANSACTIONS ON NETWORKING, 2013, 21 (04) : 1104 - 1116
  • [8] ALGORITHMS FOR PATTERN-MATCHING
    DAVIES, G
    BOWSHER, S
    [J]. SOFTWARE-PRACTICE & EXPERIENCE, 1986, 16 (06): : 575 - 601
  • [9] PATTERN-MATCHING IN TREES
    HOFFMANN, CM
    ODONNELL, MJ
    [J]. JOURNAL OF THE ACM, 1982, 29 (01) : 68 - 95
  • [10] ADAPTIVE PATTERN-MATCHING
    SEKAR, RC
    RAMESH, R
    RAMAKRISHNAN, IV
    [J]. LECTURE NOTES IN COMPUTER SCIENCE, 1992, 623 : 247 - 260
12345